Information Security
Policy

In order to provide such a level of continuous operation, Sycamore has implemented an Information Security Management System (ISMS) in line with the International Standard for Information Security, ISO/IEC 27001.

The impact of an information security incident will obviously depend upon its nature and a comprehensive risk assessment is maintained to assess and mitigate those that can be reasonably identified.

In general terms the potential impact of an incident or breach will be shown in one or more of the following key business areas:

This information security policy forms a key part of our set of controls to ensure that our information is protected effectively and that we can meet our obligations to our customers, shareholders, employees and suppliers.

Non-compliance with this policy could have a significant effect on the efficient operation of the organization and may result in financial loss and an inability to provide necessary services to our customers. If any employee is found to have breached this policy, they will be subject to disciplinary procedure. If a criminal offence is considered to have been committed further action may be taken to assist in the prosecution of the offender(s).

Sycamore is committed to the continuous improvement of its information security management system and will ensure that all applicable legal and regulatory requirements related to information security in its services and operations are followed.

Users of Sycamore’s critical information and information assets will comply with this policy and exercise a duty of care in relation to the operation and use of Sycamore’s information and information systems.